Skip to content

jira_integration: changes risk acceptance expiration date to a better default #13488

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Oct 23, 2025
Merged

jira_integration: changes risk acceptance expiration date to a better default #13488

merged 3 commits into from
Oct 23, 2025
+25 −1

Conversation

@maxi-bee
Copy link
Contributor

@maxi-bee maxi-bee commented Oct 21, 2025
edited by valentijnscholten
Loading

Fixes #13439

@github-actions github-actions bot added the New Migration Adding a new migration file. Take care when merging. label Oct 21, 2025
This was referenced Oct 21, 2025
Closed
Open
@dryrunsecurity
Copy link

dryrunsecurity bot commented Oct 21, 2025
edited
Loading

DryRun Security

🔴 Risk threshold exceeded.

This pull request modifies sensitive files related to database migrations and Jira integration (dojo/db_migrations/0245_alter_jira_instance_accepted_mapping_resolution.py, dojo/jira_link/helper.py, and dojo/models.py), triggering configured codepath alerts; review these changes carefully against your .dryrunsecurity.yaml allowed paths/authors before merging.

🔴 Configured Codepaths Edit in dojo/jira_link/helper.py
Vulnerability Configured Codepaths Edit
Description Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml.
🔴 Configured Codepaths Edit in dojo/models.py
Vulnerability Configured Codepaths Edit
Description Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml.
🔴 Configured Codepaths Edit in dojo/db_migrations/0245_alter_jira_instance_accepted_mapping_resolution.py
Vulnerability Configured Codepaths Edit
Description Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml.

We've notified @mtesauro.

All finding details can be found in the DryRun Security Dashboard.

@maxi-bee
Copy link
Contributor Author

That linting rule looks like a suggestion than anything folks, applying the suggestion will make the rest of the similar code look odd. Other than that this looks good to me @valentijnscholten

@valentijnscholten valentijnscholten linked an issue Oct 21, 2025 that may be closed by this pull request
Findings risk accepted using "Risk Accepted resolution mapping" have no expiration date #13439
Open
3 tasks
valentijnscholten
valentijnscholten reviewed Oct 21, 2025
View reviewed changes
@valentijnscholten valentijnscholten added this to the 2.52.0 milestone Oct 21, 2025
valentijnscholten
valentijnscholten reviewed Oct 21, 2025
View reviewed changes
@valentijnscholten
Copy link
Member

That linting rule looks like a suggestion than anything folks, applying the suggestion will make the rest of the similar code look odd. Other than that this looks good to me @valentijnscholten

I made it pass the Ruff linter as that's a requirement.

@valentijnscholten valentijnscholten merged commit fd5b2fb into DefectDojo:dev Oct 23, 2025
151 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@valentijnscholten valentijnscholten valentijnscholten approved these changes

@paulOsinski paulOsinski paulOsinski approved these changes

@Maffooch Maffooch Maffooch approved these changes

@Jino-T Jino-T Jino-T approved these changes

@mtesauro mtesauro Awaiting requested review from mtesauro mtesauro is a code owner

Assignees

No one assigned

Labels

New Migration Adding a new migration file. Take care when merging.

Projects

None yet

Milestone

2.52.0

Development

Successfully merging this pull request may close these issues.

Findings risk accepted using "Risk Accepted resolution mapping" have no expiration date

5 participants

@maxi-bee @valentijnscholten @paulOsinski @Maffooch @Jino-T